The ADS Agency Podcast is here to bring you the very best in marketing and branding tips as well as business tips for the aspiring entrepreneur, that small business owner who doesn't have anyone on staff in marketing yet and also the career professional who wants to work on building up their personal brand. Thanks so much for joining us! We look forward to chatting with you.

If you have a business page on Facebook, you might’ve noticed
several notifications all about GDPR on your page over the past few
weeks. You probably checked it out and then became a bit confused
about what it really is. Then you might’ve started digging around
about it and started to see how much there is to it.

1. WHAT is it? GDPR = General Data Protection Regulation.
Designed to increase protection of EU residents’ personal data.
Also gives EU citizens more control over their data.

3. WHY is it? Its core premise is that privacy is a fundamental
right. It’s an update to an existing regulation from the 90s. So it
has to evolve as our technology evolves. I actually lived in the UK
before and I can tell you one thing: the Scottish and British alike
are quite skeptical, suspectful. They’re very careful about their
information. Everyone uses chip cards now instead of the “old
school” slider cards, but whenever they have to input pin
information at a register, ATM, etc, they ALWAYS shield their
hands. I actually lived there just before America started adopting
the chip cards so living over there with a “slider card” - people
thought we were such “in the dark ages!!” I think it’s part of
European culture to be quite skeptical of what data is being used
for. Truthfully, as you might imagine due to their history and how
data was used against them in the past, the most careful and
skeptical country of all in the EU is Germany. Therefore, they have
the strictest rules. So prior to GDPR, every country kind of had
their own DPA’s (Data Protection Authorities)

4. WHERE is it? It’s for the EU but it effects anyone who does
business / could potentially collect any kind of personal data from
EU citizens.

5. WHO does it effect? Anyone who sells to, targets or could
come across personal data from EU citizens. EU = 26 countries.
Currently includes the UK. Once Brexit hits, we hear they will have
their own version of GDPR.

6. WHAT does it effect? What does it change? This completely
changes the way data is handled. Everything needs explicit consent
now. We can now only process data we REALLY need! Now you need
legal justification for why that PD is being processed. Will force
us to focus on the critical data (not the nice-to-haves). Hard for
us because we want it all “just in case” – for future segmenting,
etc. We will also have to radically re-engineer our processes for
data handling.
a. Email Marketing: Your email lists
b. Social Media:
c. Facebook custom audiences: need separate consent form from the
individual for their email to be used for promoted social media
posts.
d. Requests for data access: people can now request that you give
them a full report on any data you have on them at any given time.
When, how, to what they consented, plus the data you hold.
e. CRM Platforms (Customer Relationship Management)

7. WHEN is it? Deadline of May 25.

8. WHY should I care?
a. THE NEGATIVE SIDES: The penalties are nothing to laugh at. Fines
can go as high as €20M or 4% of global revenue (whichever is
higher). So if you end up sending emails without appropriate
consent, guess what happens? You’re going to get fined. Honda and
Flybe got fined £83K for the emails they sent back in March 2017.
Could cause you to lose customers. Could cause you to lose trust.
Consider the cost of obtaining a customer in the first place.
b. THE POSITIVE SIDES: Opportunity for transparency and trust,
deepen relationships. Competitive advantage.

9. WHAT should I do?
a. Don’t be slick.
b. Analyze your data collection process: how do you currently
obtain consent? “Positive opt-in with CLEAR affirmative action” (no
pre-ticked boxes anymore). True opt-ins.
c. People also need the ability to withdraw consent for each
distinct processing activity (no blanket consent) – e.g. email
signup forms that pre-tick everything.
d. Can’t make people do it before they’re able to receive your
service / product (unless it’s a newsletter).
e. No grandfathering: applies to ALL personal data you currently
have, not just data obtained after May 25.
f. Provide clarity: Give as much detail as possible on what their
data will be processed FOR and WHO will be processing it. Clearly
communicate to your audience about this. What’s happening with
their data – when, how? Tell them what you’re collecting, that
you’re going to protect their data and do what you say you’re going
to do.
g. Have a response plan & proactive plan: speed matters.
Prepared comms ready to go.

About the Podcast

The ADS Agency is here to bring you the very best in marketing and branding tips as well as business tips for the aspiring entrepreneur, current small business owner or career professional interested in working on their personal brand. We bring you global experience with a local touch and are happy to serve you on your business journey. Let's begin!